Amazon Web Services (AWS) - Create SSL certificate using the AWS CLI

by
Jeremy Canfield |
Updated: May 25 2024
| Amazon Web Services (AWS) articles
This assumes you have already configured the aws command line tool. If not, check out my article on Getting Started with the AWS CLI.
Before requesting a certificate, you will need a valid, registered domain. If you are using AWS Route 53 as your DNS provider, the aws route53 list-hosted-zones command can be used to list your Hosted Zones.
~]$ aws route53 list-hosted-zones
{
"HostedZones": [
{
"Id": "/hostedzone/Z056866DJM1OE9C45GH42",
"Name": "freekb.link.",
"CallerReference": "RISWorkflow-RD:98abdc50-5adf-1234-abdc-471041234a6c",
"Config": {
"Comment": "HostedZone created by Route53 Registrar",
"PrivateZone": false
},
"ResourceRecordSetCount": 3
}
]
}
The aws acm request-certificate command can be used to create a new SSL certificate. In this example, since my Hosted Zone is freekb.link, I use freekb.link in the request.
~]$ aws acm request-certificate --domain-name freekb.link --validation-method DNS
{
"CertificateArn": "arn:aws:acm:us-east-1:123456789012:certificate/1e7f6855-b89c-482b-87f5-833d0b7f088b"
}
The aws acm list-certificates command can then be used to list the Amazon Certificate Management (ACM) certificates you have created.
~]$ aws acm list-certificates
{
"CertificateSummaryList": [
{
"CertificateArn": "arn:aws:acm:us-east-1:123456789012:certificate/1e7f6855-b89c-482b-87f5-833d0b7f088b",
"DomainName": "freekb.link"
}
]
}
Did you find this article helpful?
If so, consider buying me a coffee over at